Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
InfoSec is a weiqi board
Chuan Lin, CISSP
 As Information Security (InfoSec資安)
Profession, we tend to focus on a particular
domain because it is happening right no...
• Weiqi has been often used to metaphor on
one’s life, business, and military conflict
where one gains or loses grounds.
•...
 Stones are playing pieces
that both players take
turn placing them on
board. Once placed,
these stones can’t be
moved un...
 Black Stones in InfoSec
can represent
technologies, tools,
social engineering, and
the human component.
These pieces are...
 White Stones (白棋子) in
InfoSec are represented
as administrative,
physical and technical
controls that are able to
suppor...
 Whatever they may be,
these white stones have to
work in unison, to support
one another. Firewall is
only as good as the...
 Stones are placed at the
intersect points on a
playing board which is
called goban (碁盤).
 There are three goban
size th...
 A goban represents a
company/business
physical location.
 These intersect points
are the converging points
of network, ...
 A goban of 9x9 is for
beginner which has 4
dots which are known as
star points (星). They
have strategic and
tactical imp...
 This is similar to
organization structure of
a regional size company
whose star points are…
 These start points are
are...
 For InfoSec of a regional
size company, these star
points can also view as…
 By maintaining a control
over a star point...
 Next goban board is 13x13
and the largest board is
19x19. They represent
national or international
sized corporation. Th...
 Organization structure
of both national and
international businesses
will have additional star
points which are...
admin...
 Both national and
international businesses
will have additional star
points which need to be
consider when planning
out ...
 If you line up all those
star points, they form
into the 4th Line of
Defense, the Influence
Line.
 This is an optima ar...
 Influence Line in InfoSec is
where the threat is
detected within the
premise, or within the
company network.
 The threa...
 If you draw a box
surround all those star
points, they form into
the 3rd Line of Defense,
the Onsite Line.
 Like Influe...
 Onsite Line in InfoSec is
where the threat is
detected within public
area of the premise, or at
the 2nd firewall layer.
...
 If you draw a box at a
point right next to the
border, they form into
the 2nd Line of Defense,
the Failure Line.
 Thoug...
 Failure Line in InfoSec is
where the threat is
detected at the public
area around the premise,
or at the DMZ.
 If this ...
 If you draw a line around
the border, they form
into the 1st Line of
Defense, the Demise
Line.
 This line is usually
ex...
 Demise Line in InfoSec is
where the threat is
detected away from the
premise, or at the first
firewall of the company
we...
 Game of Weiqi has been around for centuries. Yet, it still
can provide profound insights to the 20th Century InfoSec
Pro...
 Besides traditional entry points of network, hardware,
software and physical, there are other new entry points
which bec...
Upcoming SlideShare
Loading in …5
×

Weiqi and InfoSec

495 views

Published on

As Information Security (InfoSec資安) Profession, we tend to focus on a particular domain because it is happening right now and we often miss the bigger picture.

Weiqi (圍棋) is a Chinese board game of moving pieces in order to gain greater area of board. It is more popular known in the West as Japanese Go.

Weiqi has been often used to metaphor on one’s life, business, and military conflict where one gains or loses grounds.

By observing weiqi in play, it can help us seeing our company’s Information Security in its entirety.

This is 1st of 3 part series on Weiqi/InfoSec.

This slide will focus on weiqi components and how they are similar to InfoSec World.

Published in: Technology

Weiqi and InfoSec

  1. 1. InfoSec is a weiqi board Chuan Lin, CISSP
  2. 2.  As Information Security (InfoSec資安) Profession, we tend to focus on a particular domain because it is happening right now and we often miss the bigger picture. • Weiqi (圍棋) is a Chinese board game of moving pieces in order to gain greater area of board. It is more popular known in the West as Japanese Go.
  3. 3. • Weiqi has been often used to metaphor on one’s life, business, and military conflict where one gains or loses grounds. • By observing weiqi in play, it can help us seeing our company’s Information Security in its entirety. • This is 1st of 3 part series on Weiqi/InfoSec. • This slide will focus on weiqi components and how they are similar to InfoSec World.
  4. 4.  Stones are playing pieces that both players take turn placing them on board. Once placed, these stones can’t be moved until it is completely surrounded by opposing pieces.  In Weiqi, black stone (黑 棋子) has the first move. "Stones go" by Chad Miller - Flickr: pente. Licensed under Creative Commons Attribution-Share Alike 2.0 via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:Stones_go.jpg#mediaviewer/File:Stones_go.j pg
  5. 5.  Black Stones in InfoSec can represent technologies, tools, social engineering, and the human component. These pieces are used in advanced persistent attacks as being dedicated, concealed, coordinated, and goal oriented. "Stones go" by Chad Miller - Flickr: pente. Licensed under Creative Commons Attribution-Share Alike 2.0 via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:Stones_go.jpg#mediaviewer/File:Stones_go.j pg
  6. 6.  White Stones (白棋子) in InfoSec are represented as administrative, physical and technical controls that are able to support each other without dissonances.  They can be firewall, RFID card, security camera, logs, guards, etc. "FloorGoban" by Goban1 - Own work. Licensed under Public domain via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:FloorGoban.JPG#mediaviewer/File:FloorGob an.JPG
  7. 7.  Whatever they may be, these white stones have to work in unison, to support one another. Firewall is only as good as the person who maintain it. InfoSec Profession can only be as effective as the company policy dictated. And policy can only be forceful if people and technology are backing it up. "FloorGoban" by Goban1 - Own work. Licensed under Public domain via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:FloorGoban.JPG#mediaviewer/File:FloorGob an.JPG
  8. 8.  Stones are placed at the intersect points on a playing board which is called goban (碁盤).  There are three goban size that corresponded the skill of the players which also corresponded to a company size. "Blank Go board" by Gringer (talk) - Originally based on File:Blank_Go_board.png, but SVG has since been manually rewritten. Licensed under Public domain via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:Blank_Go_board.svg#mediaviewer/File:Blank _Go_board.svg
  9. 9.  A goban represents a company/business physical location.  These intersect points are the converging points of network, electrical, hardware, software and human presence. "Blank Go board" by Gringer (talk) - Originally based on File:Blank_Go_board.png, but SVG has since been manually rewritten. Licensed under Public domain via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:Blank_Go_board.svg#mediaviewer/File:Blank _Go_board.svg
  10. 10.  A goban of 9x9 is for beginner which has 4 dots which are known as star points (星). They have strategic and tactical importance. There is a center point called Tianyuan (天元) or tengen. It is the center of heaven.
  11. 11.  This is similar to organization structure of a regional size company whose star points are…  These start points are area of controls which are targeted by attackers. administration HR finance IT data
  12. 12.  For InfoSec of a regional size company, these star points can also view as…  By maintaining a control over a star point, hacker may advance to cover more area/InfoSec may contain hacker’s movement. network software hardware employees data
  13. 13.  Next goban board is 13x13 and the largest board is 19x19. They represent national or international sized corporation. They have 6 to 9 star points of strategic and tactical importance in game and in real world.
  14. 14.  Organization structure of both national and international businesses will have additional star points which are... adminsitraton HR IT research law vendors finance core business Data
  15. 15.  Both national and international businesses will have additional star points which need to be consider when planning out defenses.  Even now, hackers are thinking of another venue of entrance by thinking out of the box. network hardware software location employees vendors energy Internet of things Data
  16. 16.  If you line up all those star points, they form into the 4th Line of Defense, the Influence Line.  This is an optima area of player to expand to all direction.  However, it is easier to expand toward the center than to the edge.
  17. 17.  Influence Line in InfoSec is where the threat is detected within the premise, or within the company network.  The threat has almost unlimited potential to move around because it is inside of all layer defenses.  Nonetheless, it will be harder to expand outward than inward because of same reason above. "FloorGoban" by Goban1 - Own work. Licensed under Public domain via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:FloorGoban.JPG#mediaviewer/File:FloorGob an.JPG
  18. 18.  If you draw a box surround all those star points, they form into the 3rd Line of Defense, the Onsite Line.  Like Influence Line, this is a potential because it can establish a link toward the outside or the inside.
  19. 19.  Onsite Line in InfoSec is where the threat is detected within public area of the premise, or at the 2nd firewall layer.  The threat is attempting to establish a connection between the outside and the inside. "FloorGoban" by Goban1 - Own work. Licensed under Public domain via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:FloorGoban.JPG#mediaviewer/File:FloorGob an.JPG
  20. 20.  If you draw a box at a point right next to the border, they form into the 2nd Line of Defense, the Failure Line.  Though line is longer than 3rd and 4th, it does not have much maneuverability.  This line is played during mid to late game.
  21. 21.  Failure Line in InfoSec is where the threat is detected at the public area around the premise, or at the DMZ.  If this showed up after an internal breach is detected, this may be an attempted to establish a connection. "FloorGoban" by Goban1 - Own work. Licensed under Public domain via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:FloorGoban.JPG#mediaviewer/File:FloorGob an.JPG
  22. 22.  If you draw a line around the border, they form into the 1st Line of Defense, the Demise Line.  This line is usually exploited in mid to late game to establish spheres of controls.
  23. 23.  Demise Line in InfoSec is where the threat is detected away from the premise, or at the first firewall of the company website.  The threat is far away that InfoSec has time to strengthen defenses in depth. "FloorGoban" by Goban1 - Own work. Licensed under Public domain via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:FloorGoban.JPG#mediaviewer/File:FloorGob an.JPG
  24. 24.  Game of Weiqi has been around for centuries. Yet, it still can provide profound insights to the 20th Century InfoSec Professional.  For hackers, their DDOS and ransomware are not made up an all powerful single identifiable majestic piece (i.e. the Queen) but consisted multitude of negligible pieces (i.e. the stones) that when synced up, it can deliver a devastating punch.  For administrators, it is not about the best tools that money can buy, but inclusive of employees, security policy, incident responses, contingency plans, and more importantly, the communication that interlocked around corporate data.
  25. 25.  Besides traditional entry points of network, hardware, software and physical, there are other new entry points which become apparent as a company getting larger.  These new entry points could provide the VPN for an impeding attacks that bypass layer defenses.  Layer defense strategy shouldn’t just apply to incoming attacks but also to block attacks from phoning home.  Next Weiqi/InfoSec powerpoint will focus on how the game mechanic resemble an attack.

×